Christopher Davis is CEO of cybersecurity firm HYAS InfoSec in Nanaimo.

Nanaimo cybersecurity expert helps evaluate campaign e-mail server

NANAIMO - Christopher Davis, CEO of HYAS InfoSec, called to consult on Trump-Russia computer links.

A Nanaimo cybersecurity expert was recently called upon to help shed light on cryptic information gleaned from a computer scientist about communications between the Trump presidential campaign and a Russian bank.

The computer scientist, who goes by the alias Tea Leaves, is one of just a few people worldwide entrusted with a list of nearly all the web servers in the world who hunt malware, programming such as viruses and other hostile software that can damage networks, disrupt communication and control systems, steal information or commit other malicious acts. Their work helps protect private users, businesses, governments, anyone connected to the Internet.

To communicate, the Internet uses a set of protocols called the Domain Name System or DNS – similar to  street address or phone numbers – to ensure information is passed between its intended senders and recipients. In late July, some DNS data caught Tea Leaves’ eye that has led to reports in the news media suggesting an e-mail server owned by U.S. presidential candidate Donald Trump was in communication with Russia.

“What we’re seeing here is that Alpha Bank in Russia is doing lots and lots of these phonebook lookups for this [e-mail] server connected to the Trump organization,” said Christopher Davis, founder and CEO of Nanaimo-based cybersecurity firm HYAS InfoSec, who was called upon to consult on the data.

Davis received the U.S. Federal Bureau of Investigation’s Director’s Award in 2013 for bringing down an international network of more than 15 million computers, hijacked by malware to steal passwords, credit card numbers and personal data in 2009. His work helped prosecute a Slovenian and two Spaniards behind the scheme.

The Trump e-mail server appeared to be set up for mass marketing the Trump Card Privileges Program, but based on the data Davis looked at, the e-mail server appeared to be talking to only two places, an Alpha Bank server in Russia and another at U.S.-based Spectrum Health.

“If I’m setting up a marketing mail server, what kind of [poor] marketing am I doing if I’m only sending out marketing messages to two places?” Davis said. “Those are the questions I have and there’s no good answer for them. I don’t know what the answer is.”

Unfortunately, reading DNS data doesn’t reveal communication content. What it does reveal are patterns that can indicate whether communications are being sent automatically by malware or by people typing at keyboards. Davis thinks it’s the latter, but said he can’t draw any conclusions about who they are or what’s being communicated.

“There was like five of us that sort of went over this with a fine-tooth comb and looked at it pretty deeply. There’s a bunch of weirdness to it that doesn’t match anything in my 20 years, 25 years of doing IT that I’ve ever seen before,” Davis said. “It’s just that I’ve never seen anyone set up to send spam to two people. It’s kind of a ridiculous thing to do.”

Just Posted

Nanaimo councillor sparks initiative to stress importance of women in leadership

Coun. Erin Hemmens to work with Equal Voice on meeting, workshop, mentorship

VIU wins one of two against U Sports opponent

Mariners win then lose against Trinity Western University Spartans

Google engineer to speak at Nanaimo’s VIU next week

Rohit Gupta will discuss cloud computing, machine learning at free event Oct. 29

Province willing to talk with Lantzville about traffic management for Island Highway

Lantzville councillor plans to ask ministry to install traffic time signs on Highway 19

LETTER TO THE EDITOR: Lack of coverage of Liberals was ‘chauvinism’

There’s a responsibility to report a balanced gender approach to this campaign, says letter writer

Second young woman dies after rollover crash near Williams Lake

‘Someone’s going to get her heart, which is awesome, because she has the best heart in the world’

Google searches for ‘how to vote’ surge on Election Day

Interest spikes despite social media campaign by Elections Canada

Union says Western Forest Products refuses to budge from ‘unreasonable concessions’

According to a press release, both parties met on Oct. 16, 18, 19, and 20.

UPDATE: Raiders to face Rebels in playoffs

Raiders defeat Valley Huskers 13-6 in BCFC regular-season finale

Alberta man pleads guilty, fined for hunting without a licence in North Island

It’s the responsibility of each hunter or angler to know whether they are considered a B.C. Resident.

B.C. mayor apologizes for removal of Queen’s portrait from council chambers

‘I prefer to be inclusive of the many aspects of our history’

Alcohol a possible factor in crash that killed 17-year-old girl near Williams Lake

A pickup truck left the road and rolled over on Highway 20 on the weekend

Rare bird spotted in Victoria draws enthusiasts from across the continent

It’s the first time a yellow-browed warbler has been reported on the mainland of North America

Most Read